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DETAILED ACTION 

1. This office action is in reply to an amendment filed on October 27, 2005. Claims 1 and 9 
have been amended and new claims 19 and 20 have been added. Claims 1-20 are pending. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-5, 7-14 and 16^0are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gohl US Publication 2002/0099942 A1 in view of Aziz US Patent 5,732,137 and further in 
view of Tozzoli et al US Patent 6,151 ,588 hereinafter Tozzoli. 

4. As per claims 1, 9 and 19, Gohl discloses providing user access via interaction with a 
casual access application, wherein a casual user is an individual who is required to interact with 
an exchange application but is not registered with an exchange security mechanism (see for 
example; abstract) comprising: 

a) receiving a request from an external application (see for example; paragraph 28; 
"request page" figure 2); 

b) automatically generating and transmitting an external message to said casual user 
containing information on accessing said casual access application (see for example; special 



Application/Control Number: 09/681 ,781 Page 3 

Art Unit: 2135 

program applet, paragraphs 28 and 56; information on accessing the "special program" must be 
sent to the user in order to load and/or download the program); 

c) automaticallygenerating a context sensitive personal identification number 
(CS-PIN) upon 

access of said causal access application by said casual user using said information (see for 
example; identification code; paragraphs 31 and 45); 

d) storing said CS-PIN in a CS-PIN holder accessible to said causal user (see for 
example; paragraph 41 and "result" paragraph 45; the CS-PIN (identification code) is generated 
and then transmitted, therefore a means of storing the result for transmission or processing is 
inherent); and 

e) enabling the casual user access to said casual access application by said casual user 
using said CS-PIN (see for example; paragraphs 41 and 50). 

Gohl does not explicitly teach storing the CS-PIN in a CS-PIN holder, wherein the CS- 
PIN holder is independent of the casual access application and the casual user. However within 
the same field of endeavor Aziz teaches a method of providing a user access to an application 
on a server, including generating a one time password and storing the password in password 
holder, wherein the password holder is independent of said application and said user and is 
accessible to said user (i.e., storing the password in a file transfer protocol in anonymous 
directory, that is accessible to the user) [column 6, lines 4-28 and 33-41]. One of ordinary skill in 
the art would have been able to modify the teaching of Aziz within the system of Gohl thereby 
providing secure access to personal identification number. Therefore it would have been 
obvious to one having ordinary skill in the art at the time the invention was made to employ the 
method of storing identification information in a holder as taught by Aziz within the system of 
Gohl in order to provide secure access to user passwords. The combination of Gohl and Aziz is 
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silent on detecting an event within an electronic exchange application which is run in the 
electronic exchange wherein the electronic exchange application determines that some 
interaction with an external application is necessary. How such a feature is well known in the art 
of electronic exchange system. For example Tozzoli teaches detecting an event within an 
electronic exchange application which is run in the electronic exchange wherein the electronic 
exchange application determines that some interaction with an external application is necessary 
[column 13, lines 9-28]. It would have been obvious to one having ordinary skill in the art at the 
time of applicant's invention to employ the teachings of Tozzoli within the combination of Gohl 
and Aziz in order to further simplify user access to electronic exchange. 

5. As per claims 14 and 20, Gohl discloses a system for providing casual user access to an 
electronic exchange wherein a casual user is an individual who is required to interact with an 
exchange application but is not registered with an exchange security mechanism (see for 
example; figs 1 and 2) comprising: an exchange application server for running exchange 
applications (see for example; application server, paragraph 23), at least one of said 
applications requiring interaction with said casual user (see for example; paragraph 24). A 
casual access application server connected to said exchange application server for receiving a 
request from and for transmitting a response to said exchange application server (see for 
example; figs 1 and 2 and paragraphs 22-24), for generating an external message for said 
casual user containing information on accessing said casual access application server (see for 
example; special program applet, paragraphs 28 and 56; information on accessing the "special 
program" must be sent to the user in order to load and/or download the program), for generating 
a context sensitive personal identification number (CSPIN) for said casual user (see for 
example; identification code; paragraphs 31 and 45) and for completing said request through an 
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interaction with and upon access by said casual user (see for example; fig 2; paragraphs 23 and 
30); and a CS-PIN holder accessible by said casual user and connected to said casual 
access application server for receiving CS-PIN from said casual access application server and 
providing it to said casual user (see for example paragraph 41 and "result" paragraph 45; the 
CS-PIN (identification code) is generated and then transmitted, therefore a means of storing the 
result for transmission or processing is inherent). 

Gohl does not explicitly teach storing the CS-PIN in a CS-PIN holder, wherein the CS- 
PIN holder is independent of the casual access application and the casual user. However within 
the same field of endeavor Aziz teaches a method of providing a user access to an application 
on a server, including generating a one time password and storing the password in password 
holder, wherein the password holder is independent of said application and said user and is 
accessible to said user (i.e., storing the password in a file transfer protocol in anonymous 
directory, that is accessible to the user) [column 6, lines 4-28 and 33-41]. One of ordinary skill in 
the art would have been able to modify the teaching of Aziz within the system of Gohl thereby 
providing secure access to personal identification number. Therefore it would have been 
obvious to one having ordinary skill in the art at the time the invention was made to employ the 
method of storing identification information in a holder as taught by Aziz within the system of 
Gohl in order to provide secure access to user passwords. The combination of Gohl and Aziz is 
silent on detecting an event within an electronic exchange application which is run in the 
electronic exchange wherein the electronic exchange application determines that some 
interaction with an external application is necessary. How such a feature is well known in the art 
of electronic exchange system. For example Tozzoli teaches detecting an event within an 
electronic exchange application which is run in the electronic exchange wherein the electronic 
exchange application determines that some interaction with an external application is necessary 
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[column 13, lines 9-28]. It would have been obvious to one having ordinary skill in the art at the 
time of applicant's invention to employ the teachings of Tozzoli within the combination of Gohl 
and Aziz in order to further simplify user access to electronic exchange. 

6. As per claims 2, 10, and 18, the combination of Gohl and Aziz discloses the claimed 
limitations as described above (see claims 1 and 9). Gohl further discloses storing data defining 
said request (see for example; paragraphs 24-25 and fig 2) and wherein step e) further 
comprises retrieving said data defining said request in order to convey said data to said casual 
user (see for example; fig 2 and paragraphs 27-28; the step of retrieval of stored data in order to 
facilitate the authentication and data to the requesting user is inherent to any scheme requiring 
user authentication handshaking in order to facilitate synchronization between the user and the 
external application). 

1. As per claims 3 and 1 1 , the combination of Gohl and Aziz discloses the claimed 
limitations as described above (see claims 2 and 10). Gohl further discloses providing said 
external application with a notification of completion of said request (see for example; 
identification code, paragraph 33). As for deleting said data defining said request, Gohl further 
discloses multiple requests at different time intervals (see for example; fig 2 and paragraph 20). 
The means of deleting data pertaining to a request in such data exchange systems is well 
known in the art. The notification, as described above, signals that the request is completed, 
and therefore, one of ordinary skill in the art at the time of the applicant's invention would have 
realized such data pertaining to said request would no longer be necessary. It would have been 
obvious to one of ordinary skill in the art a the time of the applicant's invention to delete said 
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data defining said request because it would have increased memory space for future 
transactions. 

8. As per claims 4 and 12, the combination of Gohl and Aziz discloses the claimed 
limitations as described above (see claims 3 and 11). Gohl further discloses said notification 
information including information requested by said external application from said casual user 
(see for example; paragraphs 24 and 33). 

9. As per claims 5 and 13, the combination of Gohl and Aziz discloses the claimed 
limitations as described above (see claims 1 and 9). Gohl further discloses the CS-PIN 
becoming ineffective after elapse of a predetermined amount of time after generation (see for 
example; paragraphs 7 and 41), 

10. As per claims 7 and 16, the combination of Gohl and Aziz discloses the claimed 
limitations as described above (see claims 1 and 14). As for a CS-PIN holder being a webpage 
accessible via the Internet by both the casual access application and said casual user, Gohl 
discloses a web page containing an applet for generating the CS-PIN (see for example; 
paragraph 29) and further discloses the webpage holding other information that are part of a 
CS-PIN (see for example; paragraph 56). Applets are well known in the art to be applications 
that are part of a webpage. The generated CS-PIN from the applet must store the CS-PIN for 
transmission to the server. One of ordinary skill in the art at the time of the applicant's invention 
would have realized that such a CS-PIN is stored on the webpage of where the applet is 
running. 
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11. As per claims 8 and 17, the combination of Gohl and Aziz teaches the claimed 
limitations as described above. Aziz further teaches the method wherein the CS-PIN holder is a 
file transfer protocol (FTP) database accessible by both the casual access application and said 
casual user [column 6, lines 4-28 and 33-41]. 

12. Claims 6 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gohl, US Publication 20021099942, in view of Aziz US Patent 5,732,137 and further in view of 
Tozzoli US Patent 6,151,588 as applied above and further in view of Sormunen et al 
(hereinafter Sormunen), US Patent 6,112,078. 

13. As per claims 6 and 15, the combination of Gohl, Aziz and Tozzoli discloses the claimed 
limitations as described above (see claim 1). Gohl further discloses a CS-PIN holder for storing 
the generated CS-PIN (see for example; paragraph 41 and "result" paragraph 45; the CS-PIN 
(identification code) is generated and then transmitted, therefore a means of storing the result 
for transmission or processing is inherent). The combination of Gohl, Aziz and Tozzoli does not 
explicitly teach the CS-PIN holder being an email address accessible by both the casual access 
application and said casual user. However, any means of holding the CS-PIN to be transmitted 
to the external application can be used. The use of electronic mail to deliver information from 
one entity to another is well known in the art. Sormunen discloses a means of generating a 
CS-PIN (password, col 2 In 18-31) and a CS-PIN holder accessible by both the casual access 
application and said casual user (see for example; fig 1 and col 2 In 18-31). Electronic mail is 
well established in the art and adds convenience and protection to information sent to 
authorized users. For example, well known mail applications, such as hotmail and yahoo mail, 
require a user to know both the user ID and a password to be able to log in and read electronic 
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mail, it would have been obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine the CS-PIN holder of Sormunen within the system of Gohl, Aziz and 
Tozzoli because it would have provided a means of distributing information to authorized users 
wherein only the authorized user is allowed to view the data and thus increase data integrity. 



Response to Arguments 

14. Applicant's arguments filed October 27, 2005 have been fully considered but they are 
not persuasive. Applicant argues that the art on record fails to teach detecting an event within 
an electronic exchange application which is run in the electronic exchange wherein the 
electronic exchange application determines that some interaction with an external application is 
necessary. Applicant further argues that the art on record fails to teach responding to the event 
by generating and transmitting an external message to said user containing information on 
accessing said casual access application. Examiner disagrees. 

Examiner would point out that Gohl discloses providing user access via interaction with a 
casual access application as discussed above. Furthermore, Gohl teaches receiving a request 
from an external application (see for example; paragraph 28; "request page" figure 2) and 
generating and transmitting an external message to said casual user containing information on 
accessing said casual access application (see for example; special program applet, paragraphs 
28 and 56; information on accessing the "special program" must be sent to the user in order to 
load and/or download the program). Examiner would further point out that Tozzoli teaches 
detecting an event within an electronic exchange application which is run in the electronic 
exchange wherein the electronic exchange application determines that some interaction with an 
external application is necessary [column 13, lines 9-28]. Examiner asserts that the art on 
record teaches the claim limitations and therefore the rejection is respectfully maintained. 
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Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing date 
of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Beemnet W. Dada whose telephone number is (571) 272-3847. The 
examiner can normally be reached on Monday - Friday (9:00 am - 5:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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